Reference Guide

ManualsBrandsDell ManualsAccess PlatformsBrocade G620

161

162

163

164

165

166

167

168

169

170

TABLE 24 LDAP options (continued)

Protocol Description Channel type Default port URL Brocade supported?

authenticated using a

certificate

LDAPv2 with SSL

LDAPv2 over SSL.

Port 636 is used for

SSL. Port 389 is for

connecting to LDAP.

Secured 636 and 389 ldaps:// No

Command options

The following table outlines the

aaaConfig

command options used to set the authentication mode.

TABLE 25 Authentication configuration options

aaaConfig options Description

--authspec "local" Default setting. Authenticates management connections against the local

database only.

If the password does not match or the user is not defined, the login fails.

--authspec "radius" Authenticates management connections against any RADIUS databases

only.

If the RADIUS service is not available or the credentials do not match, the

--authspec "radius;local" Authenticates management connections against any RADIUS databases

first.

If RADIUS fails

for any reason

, authenticates against the local user

database.

--authspec "radius;local" --backup Authenticates management connections against any RADIUS databases.

If RADIUS fails because the service is not available, it then authenticates

against the local user database. The --backup option directs the service to

try the secondary authentication database only if the primary

authentication database is not available.

--authspec "ldap" Authenticates management connections against any LDAP databases

only. If LDAP service is not available or the credentials do not match, the

--authspec "ldap; local" Authenticates management connections against any LDAP databases

first. If LDAP fails for any reason, it then authenticates against the local

user database.

--authspec "ldap; local" -backup Authenticates management connections against any LDAP databases

first. If LDAP fails for any reason, it then authenticates against the local

user database. The --backup option states to try the secondary

authentication database only if the primary authentication database is not

available.

--authspec "tacacs+" Authenticates management connections against any TACACS+ databases

only. If TACACS+ service is not available or the credentials do not match,

the login fails.

--authspec "tacacs+; local" Authenticates management connections against any TACACS+ databases

first. If TACACS+ fails for any reason, it then authenticates against the local

user database.

This protocol was deprecated in 2003 when LDAPv3 was standardized.

Managing User Accounts

Brocade Fabric OS Administration Guide, 8.0.1

162 53-1004111-02